Suexec on cPanel

[slimak]

Hello,
I have a bit problem with cPanel suexec. cPanel stores suexec settings in virtualhost in httpd.conf as:

<virtualhost ...>
...
User x
Group x
...
</virutalhost>

When lsws automatically import the config from httpd.conf, the suexec isn't working. All CGI scripts are execute as nobody. Is there possible to change that?


Regards,
Maciej Tomaszewski

 

[mistwang]

You can fix it by changing "CGI Set UID Mode" to "document root" for the imported vhost.
Or do not import httpd.conf during installation, let LSWS read httpd.conf directly with "Using Apache Configuration File" feature under "server"->"general" tab.

 

[slimak]

Answer

I'm using option "Using Apache Configuration File" - LSWS is reading httpd.conf directly.

 

[mistwang]

I see. For PHP will be executed under user "nobody" as PHP is handled by the global phpLsapi running as "nobody".
For other plain CGI, should be executed as the UID specified.
The PHP suExec will be addressed soon in new LSWS release, please stay tuned.

 

[slimak]

Answer

1. Plain CGI is also executed as nobody.
2. Ok, I will wait for new version.

 

[pizzaman]

I see. For PHP will be executed under user "nobody" as PHP is handled by the global phpLsapi running as "nobody".
For other plain CGI, should be executed as the UID specified.
The PHP suExec will be addressed soon in new LSWS release, please stay tuned.

This is probably the last bit of features that I may need before
deploying lsws in cpanel servers. Will be waiting too...

1. install lsws
2. build php with litespeed
3. config lsws to read httpd.conf directly
4. remove httpd from default runlevel & disable httpd from chkservd
5. enjoy lower load & memory consumtion on your cPanel box!

 

[xing]

LiteSpeed Web Server 2.2 has been released with the suEXEC feature and more.

 

[pizzaman]

LiteSpeed Web Server 2.2 has been released with the suEXEC feature and more.

Awesome! Very well done, guys. THANK YOU!

 

[slimak]

PHP5 suExec

Now it works very good. PHP and CGI files are executing as they should (as user), but I have problem with PHP5. I installed second php (PHP 5.1.6) as lsapi. Files .php, .php3, .php4, .phtml are executing by php4; files .php5 are executing by php5. PHP4 scripts are running as user, but PHP5 as nobody. Could you check that? I have the same configuration in lsws for php4lsapi and php5lsapi.

 

[mistwang]

I knew the PHP4+PHP5 setup will cause problem.
We will address that in 2.2.1 .

 

[mistwang]

PHP4 & PHP5 should be started in suEXEC mode with 2.2.1 release.

 

[shanx24]

Is there a step by step guide for cpanel users with ROOT access, but also to make this work under all other domains registered under WHM?

I want to make sure PHP5 works for PHP extensions, that mod_security etc type stuff works (or has an LSWS equivalent in terms of security), that PHP executes with SUEXEC as normal without too much effort (or pls let me know what to do), and finally, to make sure Apache is out and LSWS does my serving for the website.

Many thanks!

 

[shanx24]

PHP4 & PHP5 should be started in suEXEC mode with 2.2.1 release.

And how do you do that? Many thanks,

 

[mistwang]

mod_security equivalent is under development, will be available in 3.0 release.

You can try LiteSpeed now without interrupt Apache service if you want to, either run LiteSpeed on different port with "Port offset" configuration, or on a different IP with "IP offset" configuration. If there is any compatibility issue with Apache, please let use know, we will work on that.

After mod_security is ready, we will add a Wiki entry for Apache->LSWS migration guide for Cpanel server.

 

[shanx24]

Thanks. Roughly when might this be?

 

[mistwang]

And how do you do that? Many thanks,

You need to your own lsphp5 executable for PHP5 by following our Wiki, then add an external app for lsphp5 and script handler configuration for '*.php5' files at server level. Just duplicate our existing configuration for lsphp and 'php' script handler.

All virutal hosts configured through Apache httpd.conf will use similar configuration to handle php and php5 files.
Play around with the web admin interface and read the document, you will get an idea how things were configured. If you messed it up, just do a reinstallation.